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AII claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
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NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS, This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1313 and MPEP 1308. 

1 . 13 This communication is responsive to 11/19/2004 . 
2. ^ The allowed claim(s) is/are 7-20 . 

3. 13 The drawings filed on 24 May 2001 are accepted by the Examiner. 

4. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a) □ All b) □ Some* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
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5. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 
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(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 
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Examiner^s Statement of Reasons for Allowance 

1 . Claims 1 -20 are allowed over prior art. 

2. This action is in reply to applicant's correspondence of 19 November 2004 and 
discussion with Joseph T. Van Leeuwen, Reg. No. 44,383 and Herman Rodriguze, Reg. No. 
53,900 during a telephone interview on 2/15/2005. 

3. The following is an examiner's statement of reasons for the indication of allowable 
claimed subject matter. 

4. The claim 19 insufficient antecedent basis ' 1 12-2 rejection is withdrawn. 

5. As per claims 1, (8, and 14 are the associated system/apparatus and software embodied 
variations on claim 1), prior art of record, Minear et al, U.S. Patent 5,983,350, fails to teach, 
alone, or in combination, of; 

(claim 1) "A method of establishing a secure communication path between a computer system 
and a remote computer system comprising: 

exchanging identification data with the remote computer system using a communication 

path; 

determining, based on the identification data, whether a predefined security policy exists 
corresponding to the remote computer system, wherein the predefined security policy defines at 
least one constraint on security associations (SAs) created in accordance with the predefined 
security policy; and 

establishing a secure communication path using a default security policy in response to 
determining that the predefined security policy does not exist, wherein the default security policy 
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defines at least one constraint on security associations (SAs) created in accordance with the 
default security policy''' ; 

6. The italicized above claim elements dealing with (for example; claim 1) " ... establishing 

a secure communication path between a computer system and a remote computer . . . exchanging 

identification data . . . determining, based on the identification data, whether a predefined 

security policy exists . . . wherein the predefined security policy defines at least one constraint on 

security associations (SAs) . . . establishing a secure communication path using a default security 

policy in response to determining that the predefined security policy does not exist, wherein the 

default security policy defines at least one constraint on security associations (SAs) created in 

accordance with the default security policy' serving to patently distinguish the invention from 

prior art. Specifically, while the use of security policy /security associations for secure 

communications through a public (i.e., unsecured) network is known in the prior art (i.e., see Iyer, 
P. et al, "Scalable Deployment of IPsec in Corporate Intranets", Intel Architecture Labs, 2000, entire document, 
www.dell.com/downloads/global/ solutions/ipsec_dep JaM22.pdf), the use of authentication (".,. 

determining, based on the identification data ...") as the controlling mechanism insofar as the 

determining of the default security policy (i.e., "... establishing a secure communication path 

using a default security policy in response to determining that the predefined security policy does 

not exist ...") to be so associated with the secure 'tunnel' communications parameters (i.e., "... 

defines at least one constraint on security associations ...*') through the public network, is 

patently distinct in the art. 

Prior art of record specifically deals with default policies based on failure to setup a 

predetermined security policy at configuration time, or, as a result of some systemic network 
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negotiation problem per se. There is nowhere implicitly or explicitly any mention of the use of 

authentication as the controlling mechanism insofar as the determining of the default security 

policy with associated predetermined security association(s). 

However, the claim language clearly associates the applicant's invention to the use of 

authentication to determine security^ policy/association criteria. This is in contrast to overriding 

default security policy used for outgoing traffic functionality (i.e., see Wu, C.L., et al, "iPSec/PHiL 
(Packet Header Information List): Design. Implennentation, and Evaluation", NC State University, 2000, entire 
document, section 4. in particular, http://seclab.cs.ucdavis.edu/papers/314-PHIL.pdf). 

7. Claims 8 and 14 deal with the system aspects and software embodiment, respectively, of 
the methods of claim 1. 

8. Dependent claims 2-7,9-13,15-20 are allowable by virtue of their dependencies. 



should be directed to Ronald Baum, whose telephone number is (571) 272-3861, and whose 
unofficial Fax number is (571) 273-3861. The examiner can normally be reached Monday 
through Thursday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (571) 272-3795. The Fax number for the organization 
where this application is assigned is 703-872-9306. 
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9. 
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